> OK, what I do is not limited to shorewall, I do in with every RPM update. > What I do is to create a backup file named .orig before editing any config > file. Then, RPM will create a .rpmnew file, and the config update script > does all the diffing and patching so the .orig and the real config get > updated. I don't know how to keep configs clean otherwise. > Read what I posted about an hour or so while ago on this list (provided the daemon didn't cut off my attachments, that is) - when I first started with shorewall, I used to do exactly what you have been doing, but got really fed up with it after a while.
Since 20-Beta5 I thought that needed changing as there were a lot of options introduced in one go in that version, so I designed the script I attached earlier. It works and I use it in my rpm files (both during building of shorewall as well as in the %post section during installation/upgrade) and it does a good job as it merges my old options with the new, giving preference to what I have already selected in my old shorewall.conf file. I am hoping something will be done in 20.x because as it is now, there is no way to have that merged unless one is patient enough to check (i.e. diff) old and new options every single time shorewall is released. I am planning an improved version of my update-shorewall-config script to include more information as to what were old (deprecated) and what were new (missing in the 'old') options in the resulting shorewall.conf file, something like this: #DEPRECATED USE_ACTIONS=Yes #NEW introduced in 4.4.20 - DEFAULT value selected SMURF_DISPOSITION=DROP ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
